<?php
include("../mysql_connect.php");
include("../error/upload.php");

$xml = simplexml_load_file('php://input');

//$xml = simplexml_load_string('<AccountInfo UserName="asd@eqw.qwe" Level="" Name="asdasd" Organization=""><Board ID="12436" Name="123" ShareGroup=""><Media BeMediaID="" MediaType="6" WebLink="http://mercinewyork.blogspot.com/2012/10/claire-pettibones-new-wedding-dress.html" Source="Bespoke" Author=""><Text Title="(null)" Description="(null)" /><Video Type="" FileName="" /></Media></Board></AccountInfo>');

//XML Parse AccountInfo
foreach( $xml->attributes( ) as $attr)
{
	$AttrArray[] = $attr;
}
$UserName = $AttrArray[0];
$Level = $AttrArray[1];
$Name = $AttrArray[2];
$Organization = $AttrArray[3];

//XML Parse Board
foreach( $xml->children() as $Board) {
	foreach( $Board->attributes( ) as $attr)
		$Array_Board[] = (string)$attr; 
}
$Storyboard_id = $Array_Board[0];
$ShareGroup = $Array_Board[2];

//XML Parse Media
foreach( $Board->children() as $Media) {
	foreach( $Media->attributes( ) as $attr)
		$Array_Media[] = (string)$attr; 
}

$MediaType = $Array_Media[1];
$WebLink = $Array_Media[2];
$Source = $Array_Media[3];
$Author = $Array_Media[4];

$strSqlCommand = "SELECT idUSER, Name, Level, Organization, Default_Channel
							FROM user
							WHERE Email = '".$UserName."'";
							
$result = mysql_query($strSqlCommand);
$rowUserInfo = @mysql_fetch_array($result);

if(($Source=='BeSpoke')||($Source=='Bespoke')) { //Check source

	$Media_id = $Array_Media[0];
	
	//Create Media in MyBoard
	$strSqlCommand = "INSERT INTO spot_user_sb_m (STORYBOARD_idSTORYBOARD, MEDIA_idMEDIA, USER_idUSER, Shared) 
						VALUES ('".$Storyboard_id."','".$Media_id."','".$rowUserInfo['idUSER']."','".$ShareGroup."')";
	if (!mysql_query($strSqlCommand)) {
		die(mysql_error());
	 	echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
		error_log( "[".date("Y-m-d H:i:s")."] : Create Media in MyBoard not insert.\nMySQL : '".mysql_error()."'\n", 3, "savetomyboard-errors.log" ); 
		saveError("SaveMyBoard", $UserName, date("Y-m-d H:i:s"), mysql_error());
	 	return;
	}
}
else {
	
	$Media_Socialid = $Array_Media[0];
	
	//Check Media in database
	$strSqlCommand = "SELECT idMEDIA,count(*)
							FROM media
							WHERE BeMedia_SocialID = '".$Media_Socialid."'";
	$result = mysql_query($strSqlCommand);
	$rowMediaCheck = @mysql_fetch_array($result);
		
	$Media_id = $rowMediaCheck[0];
	
	if($rowMediaCheck[1]!=0) {
		
		foreach( $Media->children() as $child)
		{
			switch ($child->getName())
			{
				case "Text":
					foreach( $child->attributes( ) as $attr)
						$Text[] = (string)$attr;
					if ($Text!=null) {
						
						//Check Text of Media in database
						$strSqlCommand = "SELECT count(*)
												FROM text
												WHERE MEDIA_idMEDIA = '".$Media_id."'";
						$result = mysql_query($strSqlCommand);
						$rowTextCheck = @mysql_fetch_array($result);
		
						if($rowTextCheck[0]==0) {
						
							$strSqlCommand = "INSERT INTO text (Title, Description, MEDIA_idMEDIA) 
									VALUES ('".XMLCharEncode($Text[0])."','".XMLCharEncode($Text[1])."','".$Media_id."')";
							if (!mysql_query($strSqlCommand)) {
	 							echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
								error_log( "[".date("Y-m-d H:i:s")."] : Text not insert.(Social)\nMySQL : '".mysql_error()."'\n", 3, "savetomyboard-errors.log" );
								saveError("SaveText", $UserName, date("Y-m-d H:i:s"), mysql_error()); 
								return;
 							}
						}
					}
					break;
				case "Image":
					foreach( $child->attributes( ) as $attr)
						$Image[] = (string)$attr;
					if ($Image!=null) {
					
						//Check Image of Media in database
						$strSqlCommand = "SELECT count(*)
												FROM image
												WHERE MEDIA_idMEDIA = '".$Media_id."'";
						$result = mysql_query($strSqlCommand);
						$rowImageCheck = @mysql_fetch_array($result);
		
						if($rowImageCheck[0]==0) {
							
							$strSqlCommand = "INSERT INTO image (Type, FileName, MEDIA_idMEDIA, Width, Height) 
								VALUES ('".$Image[0]."', '".XMLCharEncode($Image[3])."', '".$Media_id."', ".(int)$Image[1].", ".(int)$Image[2].")";
							if (!mysql_query($strSqlCommand)) {
	 							echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
								error_log( "[".date("Y-m-d H:i:s")."] : Image not insert.(Social)\nMySQL : '".mysql_error()."'\n", 3,"savetomyboard-errors.log");
								saveError("SaveImage", $UserName, date("Y-m-d H:i:s"), mysql_error());
								return;
 							}
						}
					}
					break;
				case "Video":
					foreach( $child->attributes( ) as $attr)
						$Video[] = (string)$attr;
					if ($Video!=null) {
						
						//Check Video of Media in database
						$strSqlCommand = "SELECT count(*)
												FROM video
												WHERE MEDIA_idMEDIA = '".$Media_id."'";
						$result = mysql_query($strSqlCommand);
						$rowVideoCheck = @mysql_fetch_array($result);
		
						if($rowVideoCheck[0]==0) {
							
							$strSqlCommand = "INSERT INTO video (Type, FileName, MEDIA_idMEDIA) 
									VALUES ('".$Video[0]."','".$Video[1]."','".$Media_id."')";
							if (!mysql_query($strSqlCommand)) {
	 							echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
								error_log( "[".date("Y-m-d H:i:s")."] : Video not insert.(Social)\nMySQL : '".mysql_error()."'\n", 3, "savetomyboard-errors.log" ); 
								saveError("SaveVideo", $UserName, date("Y-m-d H:i:s"), mysql_error());
								return;
 							}
						}
					}
					break;
			}
		}
	}
	else if($rowMediaCheck[1]==0) {
		
		//Create Media in database
		$strSqlCommand = "INSERT INTO media (MEDIA_TYPE_idMEDIA_TYPE, BeMedia_SocialID, Enable, WebLink, ModifyTime) 
							VALUES ('".$MediaType."','".$Media_Socialid."','','".$WebLink."', '".date("Y-m-d H:i:s")."')";
		if (!mysql_query($strSqlCommand))
 		{
	 		echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
			error_log( "[".date("Y-m-d H:i:s")."] : Create Media in database not insert.(Social)\nMySQL : '".mysql_error()."'\n", 3, "savetomyboard-errors.log" ); 
			saveError("SaveMyBoard", $UserName, date("Y-m-d H:i:s"), mysql_error());
			return;
 		}
		
		if (mysql_insert_id()!=0)
			$Media_id = mysql_insert_id();
	
		foreach( $Media->children() as $child)
		{
			switch ($child->getName())
			{
				case "Text":
					foreach( $child->attributes( ) as $attr)
						$Text[] = (string)$attr;
					if ($Text!=null) {
						$strSqlCommand = "INSERT INTO text (Title, Description, MEDIA_idMEDIA) 
								VALUES ('".XMLCharEncode($Text[0])."','".XMLCharEncode($Text[1])."','".$Media_id."')";
						if (!mysql_query($strSqlCommand)) {
	 						echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
							error_log( "[".date("Y-m-d H:i:s")."] : Text not insert.(Social)\nMySQL : '".mysql_error()."'\n", 3, "savetomyboard-errors.log" );
							saveError("SaveText", $UserName, date("Y-m-d H:i:s"), mysql_error()); 
							return;
 						}
					}
					break;
				case "Image":
					foreach( $child->attributes( ) as $attr)
						$Image[] = (string)$attr;
					if ($Image!=null) {
						$strSqlCommand = "INSERT INTO image (Type, FileName, MEDIA_idMEDIA, Width, Height) 
							VALUES ('".$Image[0]."', '".XMLCharEncode($Image[3])."', '".$Media_id."', ".(int)$Image[1].", ".(int)$Image[2].")";
						if (!mysql_query($strSqlCommand)) {
	 						echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
							error_log( "[".date("Y-m-d H:i:s")."] : Image not insert.(Social)\nMySQL : '".mysql_error()."'\n", 3,"savetomyboard-errors.log");
							saveError("SaveImage", $UserName, date("Y-m-d H:i:s"), mysql_error());
							return;
 						}
					}
					break;
				case "Video":
					foreach( $child->attributes( ) as $attr)
						$Video[] = (string)$attr;
					if ($Video[1]!=null) {
						$strSqlCommand = "INSERT INTO video (Type, FileName, MEDIA_idMEDIA) 
								VALUES ('".$Video[0]."','".$Video[1]."','".$Media_id."')";
						if (!mysql_query($strSqlCommand)) {
	 						echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
							error_log( "[".date("Y-m-d H:i:s")."] : Video not insert.(Social)\nMySQL : '".mysql_error()."'\n", 3, "savetomyboard-errors.log" ); 
							saveError("SaveVideo", $UserName, date("Y-m-d H:i:s"), mysql_error());
							
							return;
 						}
					}
					break;
			}
		}
	}
	
	//Create Media in MyBoard
	$strSqlCommand = "INSERT INTO spot_user_sb_m (STORYBOARD_idSTORYBOARD, MEDIA_idMEDIA, USER_idUSER, Shared) 
						VALUES ('".$Storyboard_id."','".$Media_id."','".$rowUserInfo['idUSER']."','".$ShareGroup."')";
	if (!mysql_query($strSqlCommand)) {
	 	echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
		error_log( "[".date("Y-m-d H:i:s")."] : Create Media in MyBoard not insert.\nMySQL : '".mysql_error()."'\n", 3, "savetomyboard-errors.log" ); 
		saveError("SaveMedia", $UserName, date("Y-m-d H:i:s"), mysql_error());
	 	return;
	}
}
 
echo "<Success Message=\"Media was successfully added to the Board.\" Domain=\"Configuration\" MediaID=\"".$Media_id."\" />";
//mysql_close($db_server, $db_user, $db_passwd);

function XMLCharEncode( $Subject )
	{
		$Serach  = array( "<", ">", "&", "'","\"" );
		$Replace = array( "&lt;","&gt;","&amp;","&apos;","&quot;");
		return str_replace($Serach, $Replace, $Subject);
	}
?>
